Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication

Cloud computing has gained popularity due to the growth of the internet and the number of devices. Although outsourcing computation tasks to the remote cloud comes with great convenience, there are increasing concerns regarding data privacy and computation integrity, since the cloud providers are external third parties. Verifiable computation (VC) is a mechanism that lets the client verify the computation result returned by the cloud as an integrity guarantee, and it can be widely applied in various scenarios of computation outsourcing. In this thesis work we focus specifically on the setting of biometric authentication systems, where a user is granted access to some service based on biometric template matching. It is very important to preserve the privacy of these templates, as they contain much private information. Privacy preservation can be achieved by homomorphic encryption, where the computation server only stores and performs computations on encrypted templates. Yasuda et al. proposed a biometric authentication scheme based on such a mechanism [3]. However, a template recovery attack was discovered in the scheme as a result of a malicious computation server and the lack of an integrity check [4].

The goal of this theory-oriented thesis is to choose a suitable VC scheme and integrate it into the biometric authentication scheme by Yasuda et al. in order to counter the aforementioned attack. The outcome is a new scheme, BVC, that allows the client to verify the correctness of the result returned by the computation server while preserving the authentication functionality and template privacy. We provided a general scheme description, a protocol description showing the interaction of the different parties, and, more importantly, the actual construction of BVC with security and correctness analyses. In addition, we reflected on the template recovery attack and showed that the order in which a VC scheme and homomorphic encryption are combined is critical. We presented an attack algorithm that lets a malicious cloud compromise the privacy of the computation outcome if the two are combined in the wrong order.

Create reference, various formats (cut and paste)

Harvard
Liu, J. (2015) Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication. Göteborg: Chalmers University of Technology

BibTeX
@mastersthesis{Liu2015,
  author={Liu, Jing},
  title={Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication},
  publisher={Institutionen för data- och informationsteknik (Chalmers), Chalmers tekniska högskola},
  place={Göteborg},
  year={2015},
  note={66},
}

RefWorks
RT Generic
SR Electronic
ID 228386
A1 Liu, Jing
T1 Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication
YR 2015
PB Institutionen för data- och informationsteknik (Chalmers), Chalmers tekniska högskola
LA eng
LK http://publications.lib.chalmers.se/records/fulltext/228386/228386.pdf
OL 30